Yii 2创建多个用户角色(RBAC)

时间:2015-02-13 04:09:01

标签: php yii2 rbac

我们已经阅读了教程,但我们仍然不了解整个事情(正在关注这里:http://www.yiiframework.com/doc-2.0/guide-security-authorization.html)。他们中的大多数都使用高级模板,但我们只使用基本模板。

我的问题是,我们是否需要为RBAC制作另一个控制器?我们在哪里放置这样的代码,例如:

$r->init();
$r->createRole("bizadmin","Biz Administrator");
$r->save();
$r->assign('2','bizadmin');

我们需要创建哪些数据库表?我们已经创建了用户表,但不知道下一步该做什么。

我希望有人能给出详细解释。

请帮忙。我们对此仍然很陌生。谢谢。

修改

我们尝试了这些:

public function behaviors()
{
    return [
        'access' => [
            'class' => AccessControl::className(),
            'rules' => [
                [
                    'actions' => ['login', 'error'], // Define specific actions
                    'allow' => true, // Has access
                    'roles' => ['@'], // '@' All logged in users / or your access role e.g. 'admin', 'user'
                ],
                [
                    'allow' => false, // Do not have access
                    'roles'=>['?'], // Guests '?'
                ],
            ],
        ],
         'verbs' => [
            'class' => VerbFilter::className(),
            'actions' => [
                'logout' => ['post'],
            ],
        ],
    ];
}

public function actionIndex()
{
    $r = new DbManager;
    $r->init();
    $r->createRole("bizadmin","Biz Administrator");
    $r->save();

    $r->assign('2','bizadmin');

    return $this->render('index');
}

但是我们收到了这个错误:

exception 'yii\web\ForbiddenHttpException' with message 'Login Required' in C:\wamp3\www\basic\vendor\yiisoft\yii2\web\User.php:431
Stack trace:
#0 C:\wamp3\www\basic\vendor\yiisoft\yii2\filters\AccessControl.php(149): yii\web\User->loginRequired()
#1 C:\wamp3\www\basic\vendor\yiisoft\yii2\filters\AccessControl.php(126): yii\filters\AccessControl->denyAccess(Object(yii\web\User))
#2 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\ActionFilter.php(71): yii\filters\AccessControl->beforeAction(Object(yii\web\ErrorAction))
#3 [internal function]: yii\base\ActionFilter->beforeFilter(Object(yii\base\ActionEvent))
#4 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Component.php(538): call_user_func(Array, Object(yii\base\ActionEvent))
#5 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Controller.php(259): yii\base\Component->trigger('beforeAction', Object(yii\base\ActionEvent))
#6 C:\wamp3\www\basic\vendor\yiisoft\yii2\web\Controller.php(108): yii\base\Controller->beforeAction(Object(yii\web\ErrorAction))
#7 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Controller.php(149): yii\web\Controller->beforeAction(Object(yii\web\ErrorAction))
#8 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Module.php(455): yii\base\Controller->runAction('error', Array)
#9 C:\wamp3\www\basic\vendor\yiisoft\yii2\web\ErrorHandler.php(80): yii\base\Module->runAction('site/error')
#10 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\ErrorHandler.php(95): yii\web\ErrorHandler->renderException(Object(yii\web\ForbiddenHttpException))
#11 [internal function]: yii\base\ErrorHandler->handleException(Object(yii\web\ForbiddenHttpException))
#12 {main}
Previous exception:
exception 'yii\web\ForbiddenHttpException' with message 'Login Required' in C:\wamp3\www\basic\vendor\yiisoft\yii2\web\User.php:431
Stack trace:
#0 C:\wamp3\www\basic\vendor\yiisoft\yii2\filters\AccessControl.php(149): yii\web\User->loginRequired()
#1 C:\wamp3\www\basic\vendor\yiisoft\yii2\filters\AccessControl.php(126): yii\filters\AccessControl->denyAccess(Object(yii\web\User))
#2 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\ActionFilter.php(71): yii\filters\AccessControl->beforeAction(Object(yii\base\InlineAction))
#3 [internal function]: yii\base\ActionFilter->beforeFilter(Object(yii\base\ActionEvent))
#4 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Component.php(538): call_user_func(Array, Object(yii\base\ActionEvent))
#5 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Controller.php(259): yii\base\Component->trigger('beforeAction', Object(yii\base\ActionEvent))
#6 C:\wamp3\www\basic\vendor\yiisoft\yii2\web\Controller.php(108): yii\base\Controller->beforeAction(Object(yii\base\InlineAction))
#7 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Controller.php(149): yii\web\Controller->beforeAction(Object(yii\base\InlineAction))
#8 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Module.php(455): yii\base\Controller->runAction('login', Array)
#9 C:\wamp3\www\basic\vendor\yiisoft\yii2\web\Application.php(83): yii\base\Module->runAction('site/login', Array)
#10 C:\wamp3\www\basic\vendor\yiisoft\yii2\base\Application.php(375): yii\web\Application->handleRequest(Object(yii\web\Request))
#11 C:\wamp3\www\basic\web\index.php(12): yii\base\Application->run()
#12 {main}

1 个答案:

答案 0 :(得分:6)

1)你不需要另一个RBAC控制器

2)为了生成Rbac,您应该使用这种方式 - http://www.yiiframework.com/doc-2.0/guide-security-authorization.html#building-authorization-data 并运行

yii rbac/init

编辑:

从我的项目中添加更多内容。

我创建了rbac。我有2个文件。第一项.php

<?php
return [
    'dashboard' => [
        'type' => 2,
        'description' => 'Админ панель',
    ],
    'user' => [
        'type' => 1,
        'description' => 'Администратор',
        'ruleName' => 'userRole',
    ],
    'moder' => [
        'type' => 1,
        'ruleName' => 'userRole',
        'children' => [
            'user',
            'dashboard',
        ],
    ],
    'admin' => [
        'type' => 1,
        'ruleName' => 'userRole',
        'children' => [
            'moder',
        ],
    ],
];

第二个rules.php

<?php
return [
    'userRole' => 'O:35:"common\\components\\rbac\\UserRoleRule":3:{s:4:"name";s:8:"userRole";s:9:"createdAt";N;s:9:"updatedAt";N;}',
];

在配置设置为组件区域

'authManager' => [
            'class' => 'yii\rbac\PhpManager',
            'defaultRoles' => ['user','moder','admin'], 
            'itemFile' => '@common/components/rbac/items.php',
            'assignmentFile' => '@common/components/rbac/assignments.php',
            'ruleFile' => '@common/components/rbac/rules.php'
        ],

在控制器检查中

if (\Yii::$app->user->can('createPost')) {
    // create post
}

访问控制过滤器http://www.yiiframework.com/doc-2.0/guide-security-authorization.html#access-control-filter是一个非常简单的授权。他提供两种状态:auth user或NOT auth user(guest)。